<?php
require_once("BaseDAO.php");
require_once("../Entities/User.php");
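/**
 * Data-access object for the Users table, written against the legacy
 * ext/mysql API (mysql_query and friends).
 *
 * Every value placed into a SQL string passes through escapeValue(); the
 * statements are still built by concatenation, so any new query added here
 * must do the same.
 *
 * NOTE(review): ext/mysql was removed in PHP 7.0. The durable fix is to move
 * this class to mysqli or PDO prepared statements; the escaping below is the
 * smallest change that keeps the current API.
 * NOTE(review): the connection is presumably opened by BaseDAO, which is not
 * visible here. mysql_real_escape_string() is only reliable when the
 * connection character set was set with mysql_set_charset() - confirm there.
 */
class UserDAO extends BaseDAO
{
	/**
	 * Escape a value for use inside a single-quoted SQL string literal.
	 *
	 * @param mixed $value Value to embed; cast to string before escaping.
	 * @return string Escaped text, without the surrounding quotes.
	 */
	private function escapeValue($value)
	{
		return mysql_real_escape_string((string) $value);
	}

	/**
	 * Build a User entity from one associative row of the Users table.
	 *
	 * The Password field is copied as stored (Authentication() compares it
	 * against an MD5 digest), so callers should not echo it back to clients.
	 *
	 * @param array $row Row as returned by mysql_fetch_assoc().
	 * @return User
	 */
	private function userFromRow($row)
	{
		$user = new User();
		$user->UserId = $row["UserId"];
		$user->Username = $row["Username"];
		$user->Password = $row['Password'];
		$user->FirstName = $row["FirstName"];
		$user->LastName = $row["LastName"];
		$user->Phone = $row["Phone"];
		$user->Email = $row["Email"];
		$user->Role = $row["RoleId"];
		return $user;
	}

	/**
	 * Insert a new user and store the generated id on the entity.
	 *
	 * $user->Password is written as given; Authentication() expects the
	 * stored value to be md5() of the clear-text password, so the caller is
	 * presumably responsible for hashing before calling this method.
	 *
	 * @param User $user Entity whose fields are inserted.
	 * @return User The same entity, with UserId set from mysql_insert_id().
	 */
	function CreateUser($user)
	{
		$values = array(
			$user->Username,
			$user->Password,
			$user->FirstName,
			$user->LastName,
			$user->Phone,
			$user->Email,
			$user->Role,
		);
		// Escape each field so a quote inside a value cannot terminate the literal.
		$escaped = array();
		foreach ($values as $value) {
			$escaped[] = "'" . $this->escapeValue($value) . "'";
		}
		$sql = "insert into Users(Username,Password,FirstName,LastName,Phone,Email,RoleId) values ("
			. implode(",", $escaped) . ");";
		mysql_query($sql);
		$user->UserId = mysql_insert_id();
		return $user;
	}

	/**
	 * Update every stored field of an existing user.
	 *
	 * The original statement filtered on column `Id` using $user->Id, while
	 * every other query in this class uses the `UserId` column and property.
	 * The filter now uses `UserId`, falling back to $user->Id when UserId is
	 * not set on the entity.
	 *
	 * @param User $user Entity carrying the new field values and its id.
	 */
	function UpdateUser($user)
	{
		$id = isset($user->UserId) ? $user->UserId : $user->Id;
		$sql = "update Users set Username='" . $this->escapeValue($user->Username)
			. "',Password='" . $this->escapeValue($user->Password)
			. "',FirstName='" . $this->escapeValue($user->FirstName)
			. "',LastName='" . $this->escapeValue($user->LastName)
			. "',Phone='" . $this->escapeValue($user->Phone)
			. "',Email='" . $this->escapeValue($user->Email)
			. "',RoleId='" . $this->escapeValue($user->Role)
			. "' where UserId='" . $this->escapeValue($id) . "';";
		mysql_query($sql);
	}

	/**
	 * Delete the user with the given id.
	 *
	 * @param mixed $id Value matched against Users.UserId.
	 */
	function DeleteUser($id)
	{
		$sql = "delete from Users where UserId='" . $this->escapeValue($id) . "';";
		mysql_query($sql);
	}

	/**
	 * Load a single user by id.
	 *
	 * @param mixed $id Value matched against Users.UserId.
	 * @return User|null The user, or null when the query fails or does not
	 *                   return exactly one row.
	 */
	function GetUserById($id)
	{
		$sql = "select * from Users where UserId='" . $this->escapeValue($id) . "';";
		$result = mysql_query($sql);
		// mysql_query() returns false on error; treat that as "not found".
		if ($result === false || mysql_num_rows($result) != 1) {
			return null;
		}
		return $this->userFromRow(mysql_fetch_assoc($result));
	}

	/**
	 * Load every row of the Users table.
	 *
	 * @return array List of User entities; empty when the query fails.
	 */
	function GetAll()
	{
		$sql = "select * from Users ;";
		$result = mysql_query($sql);
		$list = array();
		if ($result === false) {
			return $list;
		}
		while ($row = mysql_fetch_assoc($result)) {
			$list[] = $this->userFromRow($row);
		}
		return $list;
	}

	/**
	 * Look up a user by username and password.
	 *
	 * SECURITY(review): the stored credential is an unsalted MD5 digest,
	 * which is not suitable for password storage. Changing it here would
	 * invalidate existing rows, so it is flagged rather than replaced; plan a
	 * migration to password_hash()/password_verify() (PHP 5.5+) with rehash
	 * on next successful login.
	 *
	 * @param string $username Login name as supplied by the client.
	 * @param string $password Clear-text password as supplied by the client.
	 * @return User|null The matching user, or null when the query fails or
	 *                   does not return exactly one row.
	 */
	function Authentication($username, $password)
	{
		// md5() yields hex only, so just the username needs escaping.
		$sql = "select * from Users where Username='" . $this->escapeValue($username)
			. "' and Password='" . md5($password) . "';";
		$result = mysql_query($sql);
		if ($result === false || mysql_num_rows($result) != 1) {
			return null;
		}
		return $this->userFromRow(mysql_fetch_assoc($result));
	}

	/**
	 * Report whether exactly one row carries the given username.
	 *
	 * @param string $username Username to look up.
	 * @return bool True when exactly one row matches; false otherwise,
	 *              including when the query fails.
	 */
	function CheckUsername($username)
	{
		$sql = "select * from Users where Username='" . $this->escapeValue($username) . "';";
		$result = mysql_query($sql);
		return $result !== false && mysql_num_rows($result) == 1;
	}
}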

?>